After updating the virus signature files, users should scan their
whole system with the F-Prot Antivirus OnDemand scanner to ensure
that their computer security was not compromised before the virus
signature files were updated.

Mydoom.A was programmed to perform a Distributed Denial of
Service (DDoS) attack on SCO's web site
(www.sco.com) starting
Sunday, 1 February 2004. The attack consisted of infected
computers accessing
www.sco.com and retrieving
the front page of SCO's web site.

The attack seems to have been successful. SCO's web site at
www.sco.com has been unreachable
since early on Sunday . Soon after the attack began SCO issued a
statement confirming that a "large scale, Denial of Service attack has [...] made
the company's web site completely unavailable".

SCO has now, however, set up alternative web sites at
www.thescogroup.com and
sco.com. These new web sites will be
in use through 12 February 2004 when the worm is programmed to stop
spreading and attacking. After this date, SCO plans to revert to its
original web site.

This new variant spreads in a similar way to the original
A variant.
In addition to being programmed to perform a Distributed Denial of Service (DDoS) attack on SCO's web site
(www.sco.com) on 1 February 2004, like the original
A variant,
then Mydoom.B@mm will also launch an attack on Microsoft's web site
(www.microsoft.com) on 3 February 2004.
The B variant is designed to stop spreading on 1 March 2004.

The worm reconfigures infected computers so that the websites of many
antivirus companies are no longer accessible.
The modifications are probably intended to prevent users of
antivirus software from downloading new updates to disinfect the worm.

A new mass-mailing worm that has been spreading rapidly via e-mail
and the Kazaa file-sharing network since it was first discovered
yesterday. This worm has gained wide distribution in a very short
time has therefore been classified as high risk by FRISK Software's
virus experts.

The attack may also be a smoke screen to divert attention away from
the worms' backdoor components that will still be functional after
12 February 2004. These components could have been included to
facilitate the building of a world-wide net of unsuspecting individual's home and
office computers for the purpose of using them to deliver large amounts of spam e-mail.

test
The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.
The message contains Unicode characters and has been sent as a binary attachment.
Mail transaction failed. Partial message is available